[OpenAFS] (webserver security) AFS and Apache Virtual Directory
Russ Allbery
rra@stanford.edu
Wed, 23 Nov 2005 14:04:57 -0800
Tim Spriggs <tims@lpl.arizona.edu> writes:
> Of course, this doesn't completely solve the problem, right? As long as
> the webserver can see it and other people can run stuff as the webserver
> (like a quick perl/cgi script)
Right, that's why you don't allow the second one, or if you do, you run
those programs with a different set of credentials than the server using a
hacked suexec.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>